public async Task <IActionResult> LoginRequest([FromBody] LoginByUsernameViewModel model)
{
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, false, lockoutOnFailure : false);
if (result.Succeeded)
{
var appUser = _userManager.Users.SingleOrDefault(r => r.UserName == model.Username);
var roles = await _userManager.GetRolesAsync(appUser);
string token = JWTGenerator.Generate(appUser.Email, appUser, roles, _configuration);
_logger.LogInformation("User logged in.");
return(new OkObjectResult(new { Token = token, Roles = roles, UserName = appUser.Name }));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(new BadRequestObjectResult("Invalid login or password"));
}
}
else
{
return(new BadRequestObjectResult("Invalid data"));
}
}
public string Login(string username, string password, UserRole[] rolesAllowed)
{
string hashedPassword = getHashedPassword(password);
using (var ds = new DataService())
{
if (ds.getUserDAO().ExistsUsernamePassword(username, hashedPassword, rolesAllowed))
{
return(JWTGenerator.Generate(username));
}
return(null);
}
}
